Actually there is Agent developed by McAfee that will do the job, furthermore if you are using ePO you will be able to deploy and manage them from there.
It is really useful, below is an example how you can utilize the agent to collect IIS logs:
The Agent is using port 8081 you can even send the data encrypted.
The McAfee SIEM Collector is host-based software that can be configured to send events to a McAfee ESM with a Receiver. The SIEM Collector can be configured to send events from the local Windows machine or from remote Windows machines. The following types of events can be sent to the Receiver using the SIEM Collector:
· Windows Event Logs · Syslog from a file · Microsoft System Center Operations Manager · Microsoft SQL Server C2 Audit Logs · Kaspersky Events · Events from a Microsoft SQL or Oracle Database
Following is a diagram of this process:
The SIEM collector runs on both 32- and 64-bit architecture.
About Windows Event Logs - default only SYSTEM, SECURITY, APPLICATION. If you need something else - sorry, how I know?
Use SNARE (now I am on free version) in SIEM have 2 rules for SNARE in Windows